1 minute read
Supplier and Vendor Management
from 2022 OnRisk Report
Definition:
For an organization to be successful, it has to maintain healthy and fruitful relationships with its external business partners and vendors. This risk examines organizations’ abilities to select and monitor third-party relationships.
Advertisement
Analysis:
While more CAEs have high personal knowledge of this critical risk in an increasingly interconnected business environment, fewer perceive their organizations as having a high capability to manage this risk. This gap between CAEs and their stakeholders may be driven by a higher percentage of CAEs viewing this risk as being highly relevant to their organizations, likely stemming from publicly reported cyber threats, compliance-related issues, and other disruptive events arising from thirdparty relationships.
KNOWLEDGE AND CAPABILITY
Percentage who gave a rating of 6 or 7 on a scale of 1 to 7
RISK STAGE
Moved from Explore to Develop
Quotes:
“The challenge is how do we keep this relationship with these long-time vendors, and at the same time how do we go out and find what we need if that vendor cannot provide it.” –C-suite, Manufacturing
“Our organization has really strong relationships…but I gave it a lower capability score because data privacy, protection, cybersecurity…those things are harder to manage with our suppliers.” –CAE, Technology
RISK RELEVANCE
Percentage who gave a rating of 6 or 7 on a scale of 1 to 7
